Items Tagged with "Hacking"

BackTrack 5 will be based on Ubuntu Lucid (10.04 LTS), will support 32 and 64 bit architectures, and will officially support KDE 4, Gnome and Fluxbox while providing users streamlined ISO downloads of each Desktop Environment...

MS Office programs will show an alert to our victim if it couldn't download content from a remote resource. We could put a document on our shared resource and when MS Office opens the doc, it takes a style sheet from our shared resource and doesn't show an alert to the victim...

The Social Engineering Toolkit is a python-driven suite of custom tools which focuses on attacking the human element in penetration testing. It’s purpose is to augment and simulate social-engineering attacks and allows for effectively testing how a targeted attack may succeed...

The sole purpose of Ensatus is deception and it drives the point of "fail" when it comes to counterattacking. If I were performing a sanctioned penetration test, I would be using decoys. In the event counterattacking were legal, you would be counterattacking an innocent victim...

An attack on a network is a progressive action. We escalate our rights step-by-step to a domain administrator. Even casual un-privileged users can give us access to some shared resources. But how do we get these user rights? We can enforce users to authenticate on controlled a machine...

Manufacturers lock their consoles through a firmware protection mechanism that allows only signed code to run, and a lot of people attempt to bypass these protections to run custom code. Bypassing is illegal, but we are going to discuss some methods for different consoles...

Cloning occurs when hackers scan the airwaves to obtain SIM card information, electronic serial numbers and mobile identification numbers, and then using that data on other phones. The bad guy simply uses an interceptor, hardware, and software to make a phone exactly like yours...

The indictment asserts that "Rad acted as a middleman between stock promoters seeking to pump shares of stock, and computer experts located inside and outside of the United States who used various means, including spam email campaigns, botnets, and hacking to pump the stock..."

I ran into the 'getvncpw' meterpreter script issue on pentests in the past but didn't know much about the whacked out version of DES that RFB (the VNC protocol) was using. Not being a fan of manually editing a binary and compiling each time, I had a password to crack I wanted to find another way...

"Kayla played a crucial role, posing as Barr to an IT administrator... to gain access to the company’s servers... [Kayla] and four other hackers broke into his company’s servers... defacing his Web site, purging data and posting more than 50,000 of his emails online for the world to see..."

Far too many people think that information security and data protection is simply about running tools, and too many technology books focus on the hardware and software elements, completely ignoring the human element. The social engineer can then use that gap to their advantage...

"You can never judge the origin of attackers from the computer's IP address. A professional hacker can launch cyber attacks from everywhere and disguise himself to be any country's citizens," an anonymous Chinese hacker told the Global Times...

For this part of the series I will be using three machines – a target machine, an attacker system and a third computer running the Network Security Monitoring (NSM) Security Onion Live CD. The NSM machine will be connected to the target machine via a mirrored port...

In normal operation, the BGP protocol helps keep the internet up and running. If a router goes down, Routers update the missing link and go around it. But if these routers are attacked on purpose and flooded with updates, it could put the internet into a state where it could not recover...